suse/kernel-docs&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP5

Vulnerabilities (2,310)

• CVE-2022-50754Dec 24, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: apparmor: fix a memleak in multi_transaction_new() In multi_transaction_new(), the variable t is not freed or passed out on the failure of copy_from_user(t->data, buf, size), which could lead to a memleak. Fix

• CVE-2022-50752Dec 24, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: md/raid5: Remove unnecessary bio_put() in raid5_read_one_chunk() When running chunk-sized reads on disks with badblocks duplicate bio free/puts are observed: ================================================

• CVE-2022-50751Dec 24, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: configfs: fix possible memory leak in configfs_create_dir() kmemleak reported memory leaks in configfs_create_dir(): unreferenced object 0xffff888009f6af00 (size 192): comm "modprobe", pid 3777, jiffies 4295

• CVE-2022-50750Dec 24, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: drm/panel/panel-sitronix-st7701: Remove panel on DSI attach failure In case mipi_dsi_attach() fails, call drm_panel_remove() to avoid memory leak.

• CVE-2022-50749Dec 24, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: acct: fix potential integer overflow in encode_comp_t() The integer overflow is descripted with following codes: > 317 static comp_t encode_comp_t(u64 value) > 318 { > 319 int exp, rnd; ......

• CVE-2022-50747Dec 24, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: hfs: Fix OOB Write in hfs_asc2mac Syzbot reported a OOB Write bug: loop0: detected capacity change from 0 to 64 ================================================================== BUG: KASAN: slab-out-of-bounds

• CVE-2022-50745Dec 24, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: staging: media: tegra-video: fix device_node use after free At probe time this code path is followed: * tegra_csi_init * tegra_csi_channels_alloc * for_each_child_of_node(node, channel) -- iterates ov

• CVE-2022-50744Dec 24, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix hard lockup when reading the rx_monitor from debugfs During I/O and simultaneous cat of /sys/kernel/debug/lpfc/fnX/rx_monitor, a hard lockup similar to the call trace below may occur. The spin_

• CVE-2022-50742Dec 24, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: misc: ocxl: fix possible refcount leak in afu_ioctl() eventfd_ctx_put need to be called to put the refcount that gotten by eventfd_ctx_fdget when ocxl_irq_set_handler fails.

• CVE-2022-50740Dec 24, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: hif_usb: fix memory leak of urbs in ath9k_hif_usb_dealloc_tx_urbs() Syzkaller reports a long-known leak of urbs in ath9k_hif_usb_dealloc_tx_urbs(). The cause of the leak is that usb_get_urb() is c

• CVE-2022-50738Dec 24, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: vhost-vdpa: fix an iotlb memory leak Before commit 3d5698793897 ("vhost-vdpa: introduce asid based IOTLB") we called vhost_vdpa_iotlb_unmap(v, iotlb, 0ULL, 0ULL - 1) during release to free all the resources all

• CVE-2022-50736Dec 24, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix immediate work request flush to completion queue Correctly set send queue element opcode during immediate work request flushing in post sendqueue operation, if the QP is in ERROR state. An undefin

• CVE-2022-50735Dec 24, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: do not run mt76u_status_worker if the device is not running Fix the following NULL pointer dereference avoiding to run mt76u_status_worker thread if the device is not running yet. KASAN: null-ptr-d

• CVE-2022-50733Dec 24, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: usb: idmouse: fix an uninit-value in idmouse_open In idmouse_create_image, if any ftip_command fails, it will go to the reset label. However, this leads to the data in bulk_in_buffer[HEADER..IMGSIZE] uninitiali

• CVE-2022-50732Dec 24, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: staging: rtl8192u: Fix use after free in ieee80211_rx() We cannot dereference the "skb" pointer after calling ieee80211_monitor_rx(), because it is a use after free.

• CVE-2022-50731Dec 24, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: crypto: akcipher - default implementation for setting a private key Changes from v1: * removed the default implementation from set_pub_key: it is assumed that an implementation must always have this callb

• CVE-2022-50730Dec 24, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: ext4: silence the warning when evicting inode with dioread_nolock When evicting an inode with default dioread_nolock, it could be raced by the unwritten extents converting kworker after writeback some new alloc

• CVE-2022-50728Dec 24, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: s390/lcs: Fix return type of lcs_start_xmit() With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG), indirect call targets are validated against the expected function pointer prototype to make sur

• CVE-2022-50727Dec 24, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: efct: Fix possible memleak in efct_device_init() In efct_device_init(), when efct_scsi_reg_fc_transport() fails, efct_scsi_tgt_driver_exit() is not called to release memory for efct_scsi_tgt_driver_init()

• CVE-2022-50726Dec 24, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix possible use-after-free in async command interface mlx5_cmd_cleanup_async_ctx should return only after all its callback handlers were completed. Before this patch, the below race between mlx5_cmd_